Bitcoin exchanges buckle under strain of phantom transactions

Mt. Gox, Bitstamp, and other Bitcoin exchanges have temporarily suspended withdrawal transactions after coming under a form of a denial-of-service attack that abuses weaknesses in the way they keep track of fund balances, a security expert said.

The attacks don't have any permanent effect on the central accounting mechanism for the digital currency, but they are likely the driving force behind a sharp decline in the bitcoin-to-dollar exchange rate over the past 48 hours. Since the attacks began on Monday, the price of one bitcoin on Mt. Gox has fallen from just below $700 to well below $540 at one point. It has see-sawed ever since and was at about $580 as this report was being prepared. Other exchanges showed similar fluctuations.

Andreas M. Antonopoulos, chief security officer of digital wallet developer Blockchain, said the attacks work by flooding exchanges with a large number of malformed transactions that are similar, but not identical, to legitimate transactions that were already made. Exchanges that trust one or more of the fake records instead of the entries in the official Bitcoin blockchain quickly fall out of sync with the rest of the network and must recalculate their fund balances once the mistakes become apparent. Malformed transactions aren't necessarily new, but over the past 48 hours their numbers have mushroomed, causing logjams that have prevented some exchanges from being able to process withdrawal requests.

"What makes it major is that malformed transactions are being injected at a far greater rate than we've ever seen before," Antonopoulos told Ars. "Whereas before this was a few transactions affecting Mt. Gox, now it's a lot of transactions affecting everyone."

Phantoms go viral

Antonopoulos likened the fake transactions attack to a crook photocopying a cash register receipt and using the duplicates to obtain store refunds for a previously purchased item. When only a few people carry out the scam, it's not likely to have any noticeable effect. If it's repeated often enough, however, it's bound to create a strain on the retailer's internal accounting system that takes time to reconcile.

"Whereas yesterday people were showing up at one store with these receipts, suddenly today it went viral," Antonopoulos explained. "And it's effectively like every retail store in the country is having lines of people showing up with photocopied receipts and [the stores] all have to think very carefully about how they're managing their refunds. And so they all say, 'Hang on—we're not going to process refunds for a day until we figure out what's going on here.'"

The attacks work because some exchanges rely on unconfirmed transaction records when adjusting balances or other items on their account ledgers. When an exchange relies on a record with a falsified cryptographic hash or identifier, it will encounter discrepancies once the legitimate transaction—or even another malformed record for the same transaction—is processed. There's little risk of funds being permanently lost, since balances will eventually be automatically reset based on records contained in the authoritative Bitcoin blockchain. Still, in the interim, the flood of phantom transactions can bog down systems and create backlogs that take time to work through.

The good news is that the integrity of the Bitcoin ledger is in no way compromised by the ongoing attacks. Bitcoin users may also be relieved to know that it's not hard for exchanges to update their systems to enable them to better withstand the attacks. Instead of relying on unconfirmed transaction records, Antonopoulos said, exchanges should trust transactions only after they have been entered into the official blockchain.

73 Reader Comments

Doesn't this also give us some confidence in the currency? With all the malformed transactions and strain on the system, in the end the balance is protected? I'd think it there was an inherent vulnerability we'd see something far more insidious.

I think it would provide more work because there are more transactions to confirm (or deny) but the amount of money per block that is mined stays the same. So in effect, it is more work for the same amount of pay.

No, fraudulent transactions are not included in the blockchain, and the fees they provide don't go to whoever finds the block because the fees they provide don't exist. These phantom transactions don't get included in new blocks, but you can't necessarily ignore a transaction just because it hasn't been confirmed in the most recent block. There are various reasons why a transaction wouldn't be included in a new block, the most likely of which is the fee is too low (or there is no fee). So these exchanges, if they wish to be able to tell a customer that their deposit was received, but not confirmed, can't ignore transactions even if they aren't included in the next most recent block. If I remember correctly, most clients will drop a transaction entirely (and thus refund the money if it existed) if they aren't included in a block after a week or so. The only way for them to ignore transactions entirely is to decide for themselves if they're real/fake, and then possibly correct themselves if they end up in the next block.

It's a shame there's no way to short Bitcoins. It seems like there are a million ways to make the price go down, and I doubt the SEC would step in for Bitcoin market manipulation.

Yea, but even if you can't short it, you can depress the value, buy up a supply, and then wait for it to rise back as exchanges fix the issue and confidence returns. This could be happening here.

There is also the possibility that this is an effort by a group opposed to BTC, maybe someone invested in an altcoin who thinks that damaging the reputation of BTC would improve the value of their altcoin.

Doesn't this also give us some confidence in the currency? With all the malformed transactions and strain on the system, in the end the balance is protected? I'd think it there was an inherent vulnerability we'd see something far more insidious.

I, too, have more confidence in a currency the more unstable and fluctuating and open to manipulation of this sort it becomes.

While I understand that cash has weaknesses, such as physical theft, I understand that. I understand needing to keep my cash secure, and more importantly, I understand *how* to keep my cash secure. I don't understand how to keep Bitcoins secure, or more accurately in this case, how to keep my Bitcoin transactions secure. I am more and more relieved that none of these headline items affect me at all.

To be fair to Bitcoin, a big part of the reason its value is so malleable is that Bitcoin's not really "big" (widespread) in comparison to more traditional currencies. Look at the way the value of stocks fluctuates in response to every piece of bad news; Bitcoin is behaving more like that than USD or the Euro.

I still have more faith in the long-term value of Bitcoin than I do in ZNGA. (Full disclosure: I own neither.)

It's a shame there's no way to short Bitcoins. It seems like there are a million ways to make the price go down, and I doubt the SEC would step in for Bitcoin market manipulation.

Yea, but even if you can't short it, you can depress the value, buy up a supply, and then wait for it to rise back as exchanges fix the issue and confidence returns. This could be happening here.

There is also the possibility that this is an effort by a group opposed to BTC, maybe someone invested in an altcoin who thinks that damaging the reputation of BTC would improve the value of their altcoin.

There is also the possibility that this is an effort by a group opposed to BTC, maybe someone invested in an altcoin who thinks that damaging the reputation of BTC would improve the value of their altcoin.

That strikes me as a bad strategy, though. Do you think people will flock to another crypto currency if they lose faith in bitcoin, or rather abandon them altogether? I think it's the latter, anything that damages bitcoin also damages all the altcoins in most people's minds.

To be fair to Bitcoin, a big part of the reason its value is so malleable is that Bitcoin's not really "big" (widespread) in comparison to more traditional currencies. Look at the way the value of stocks fluctuates in response to every piece of bad news; Bitcoin is behaving more like that than USD or the Euro.

I still have more faith in the long-term value of Bitcoin than I do in ZNGA. (Full disclosure: I own neither.)

Gold is pretty widespread...tons of people own pieces of gold, and yet the value of gold is always fluctuating. I think the value of Bitcoin will always be fluctuating like a commodity rather then a currency because it has more in common with a commodity then it does with a currency.

To be fair to Bitcoin, a big part of the reason its value is so malleable is that Bitcoin's not really "big" (widespread) in comparison to more traditional currencies. Look at the way the value of stocks fluctuates in response to every piece of bad news; Bitcoin is behaving more like that than USD or the Euro.

I still have more faith in the long-term value of Bitcoin than I do in ZNGA. (Full disclosure: I own neither.)

Gold is pretty widespread...tons of people own pieces of gold, and yet the value of gold is always fluctuating. I think the value of Bitcoin will always be fluctuating like a commodity rather then a currency because it has more in common with a commodity then it does with a currency.

A commodity markets, like most significant currencies (such as USD, Euro, etc.), at least has an actual tangible asset tied to it. BTC doesn't even have that. It is trading like a pure good will speculation, which is what it essentially is.

When script kiddies can effect prices in an electronic currency like this its time to reconsider how you invest your money while increasing your electrical bills. Time to grow up....and stop wasting electricity.

MT.Gox is dead. Anyone that keep money in there after the issues in 2011 is asking for a loss of their funds / bitcoin. The majority of news sites are already removing MtGox from their price indexes as they should.

CNN did an article earlier talking about "The Bitcoin Exchange Mt.Gox" OUCH !

MT.Gox is dead. Anyone that keep money in there after the issues in 2011 is asking for a loss of their funds / bitcoin. The majority of news sites are already removing MtGox from their price indexes as they should.

CNN did an article earlier talking about "The Bitcoin Exchange Mt.Gox" OUCH !

Big deal...the next cool exchange will be hit as well and you'll be calling that a crap exchange after a while. What a waste.

Doesn't this also give us some confidence in the currency? With all the malformed transactions and strain on the system, in the end the balance is protected? I'd think it there was an inherent vulnerability we'd see something far more insidious.

When tulips crashed in the Netherlands people still had their flowers. Nothing to worry about.

MT.Gox is dead. Anyone that keep money in there after the issues in 2011 is asking for a loss of their funds / bitcoin. The majority of news sites are already removing MtGox from their price indexes as they should.

CNN did an article earlier talking about "The Bitcoin Exchange Mt.Gox" OUCH !

Big deal...the next cool exchange will be hit as well and you'll be calling that a crap exchange after a while. What a waste.

Mt.Gox was not "hit" their CEO is MIA and no one seems to be running anything over there.

But you are correct, what is preventing any exchange from loosing their CEO, head programmer, or being the target of attacks. Nothing.

Given that the currency has not gone to $1.00 it still says its strong in light of all of those issues.

Since apparently the attackers don't make any money with this, do any of these exchanges have an explanation for why these attacks take place? The article is strangely quiet on that point.

I believe that they are manipulating the price Bitcoins trade at by attacking the exchanges. When they do this and create a backlog of trades the price fluctuates from its more natural position in a predictable way. If they have enough money they can quickly trade on this and make a significant profit. This only works because the whole market is relatively small and in the normal world this would be very much against the law.

I am really talking about the previous DoS attempts. These new attacks may well be trouble causers jumping on the bandwagon after MtGox complained and made it public knowledge. I will try and confirm what I just said, it makes sense and I am pretty sure I have read other people agreeing.

Since the attacks began on Monday, the price of one bitcoin on Mt. Gox has fallen from just below $700 to well below $540 at one point. It has see-sawed ever since and was at about $580 as this report was being prepared. Other exchanges showed similar fluctuations.

Meanwhile, the exchange for a single BTC on other exchanges such as BitStamp is currently at $673, $100USD higher than Mt.Gox ($588 as I write this)

Since the attacks began on Monday, the price of one bitcoin on Mt. Gox has fallen from just below $700 to well below $540 at one point. It has see-sawed ever since and was at about $580 as this report was being prepared. Other exchanges showed similar fluctuations.

Meanwhile, the exchange for a single BTC on other exchanges such as BitStamp is currently at $673, $100USD higher than Mt.Gox ($588 as I write this)

The price on MtGox always fluctuates by more than everyone else, I believe this is either partly because or the reason for most attacks targeting them.

Since the attacks began on Monday, the price of one bitcoin on Mt. Gox has fallen from just below $700 to well below $540 at one point. It has see-sawed ever since and was at about $580 as this report was being prepared. Other exchanges showed similar fluctuations.

Meanwhile, the exchange for a single BTC on other exchanges such as BitStamp is currently at $673, $100USD higher than Mt.Gox ($588 as I write this)

The price on MtGox always fluctuates by more than everyone else, I believe this is either partly because or the reason for most attacks targeting them.

Yeah, I'm working through the exchanges now. Is it normal for the spread across exchanges to be quite wide? Or is it just a side effect of the current problems with Mt. Gox?

Since the attacks began on Monday, the price of one bitcoin on Mt. Gox has fallen from just below $700 to well below $540 at one point. It has see-sawed ever since and was at about $580 as this report was being prepared. Other exchanges showed similar fluctuations.

Meanwhile, the exchange for a single BTC on other exchanges such as BitStamp is currently at $673, $100USD higher than Mt.Gox ($588 as I write this)

The price on MtGox always fluctuates by more than everyone else, I believe this is either partly because or the reason for most attacks targeting them.

Yeah, I'm working through the exchanges now. Is it normal for the spread across exchanges to be quite wide? Or is it just a side effect of the current problems with Mt. Gox?

Its the fluctuations on MtGox that got me interested in making money from it because I could see clear patterns but I think MtGox has been screwy for a while. I don't fully understand how they figure out their trading price and this means all the research I have done now feels like not enough. The good thing for Bitcoin in general is that the other exchanges are behaving in a more predictable/less volatile fashion.

Doesn't this also give us some confidence in the currency? With all the malformed transactions and strain on the system, in the end the balance is protected? I'd think it there was an inherent vulnerability we'd see something far more insidious.

I, too, have more confidence in a currency the more unstable and fluctuating and open to manipulation of this sort it becomes.

Price is affected but the currency is not. The public ledger is just fine. For the people who had coins on gox they started selling because they were afraid they might not get their coins in the future but could get cash and so the market followed the selling. If blame was to be assigned it would be to mt gox and other exchanges who do not implement their software correctly. Other exchanges do implement correctly... look at kraken or coinjar for instance.

Since apparently the attackers don't make any money with this, do any of these exchanges have an explanation for why these attacks take place? The article is strangely quiet on that point.

Why is that "apparent"?

I think he means they don't directly make money from the attacks. I have outlined how they indirectly make the money.

Yes, I meant directly. The article quotes an analogy with photocopied store receipts, but if no store actually gave you money in return for a false receipt, then why would you keep trying? It is repeatedly stated that no false transaction receipts result in transfered money.

Manipulating the price of bitcoins, as mrlm suggested, is certainly possible, since the attacks seem to have an effect on the price. But how reliable would that be? Apparently the price of bitcoins went down due to the attacks, but when Silk Road customers start hurting for their next fix, shouldn't they drive up the price instead?

Supply and demand.+ As more people get interested in Bitcoins demand goes up so the price you can get for them goes up.+ By attacking the exchanges at the right time they are restricting the supply further pushing up the price.= Do this too much and the trading volume falls at that exchange meaning less changes to the price.- Do it even more and you get panic selling causing the price to fall and liquidity problems at the exchange!

Silk Road only had an effect on Bitcoin by increasing interest and giving it a real world use. It didn't cause any of these big fluctuations except when it was in the news. Some of that was + some -. The new Silk Road is probably not significant any more.

The fraudster withdraw one bitcoin for $500 and exchanges it to $500 in cash. Before the transaction goes through, the fraudster spoofs a malformed transaction. The ledger rejects it and the exchange resends the transaction. The fraudster gets another bitcoin and trades it for $500 cash.

Once the actual ledger with the transaction is created, the fraudulent withdrawal is found and can be unwound. The ledger is still accurate. Unfortunately, the fraudster has their $1000 and someone else is stuck holding that nonexistent bitcoin.

Now, that the method is known, ever single script kiddy is attempting to do this which is why we see this almost DOS attack taking place. Can this be stopped? It'll be interesting to see how it can be. The exchange can't say if a rejection is real or due to a spoof of a malformed transaction. The exchange would simply have to wait until they get a confirmation, and if a confirmation doesn't come after a particular amount of time (and that block of time will get longer and longer), assume that if they got a rejection, that the rejection was valid.

The problem is that until a transaction is actually on the ledger, there's no guarantee that a received rejection is real or a spoof. Nor, under the Bitcoin protocol, is there any reason that a bitcoin transaction must appear on the next ledger. A low or no-payment transaction can appear much later than it actually occurred.

This is a weakness with Bitcoin. I can be given a bitcoin, but until the transaction is actually posted, there's no guarantee that I actually got it. For example, I go into Store "A", spend a bitcoin, then go into Store "B" before the transaction is recorded and attempt to spend the same bitcoin again. Sooner or later, the ledger will show that I didn't have that bitcoin I spent in Store "B", and Store "B" is out a bitcoin. Meanwhile, I got my merchandise, and there's no way to track me down. A store could require ID to pay in bitcoins, but that sort of eliminates the anonymous like cash aspect of the whole thing. A store could make me wait until the transaction shows up (and if they pay a high enough fee, it could be within a few minutes), but if you have dozens of people in line at the register, it'll be hard to do.